As connectivity in the Industrial Internet of Things (IIoT) increasingly transforms manufacturing, new global research has revealed that nearly eight in 10 manufacturers (79%) have suffered some form of IoT cyberattack in the past year.
With IoT devices continuing to proliferate across critical manufacturing infrastructure, the findings underline the importance of ensuring that the potential business benefits of IoT can be realised safely.
For those that were hit by IoT-focused cyberattacks, operational downtime (47%), compromised customer data (35%), and compromised end-user safety (33%) were the most common impacts.
Clearly pointing to a direct bearing on the revenue and health safety challenges presented by unsecured IoT devices.
The global research – conducted by Irdeto – also suggests that businesses are aware of where the key cybersecurity vulnerabilities exist within their infrastructure, but don’t necessarily have everything they need to address them.
Vulnerabilities
The most prominent vulnerabilities within manufacturing were in mobile devices and apps (46%), followed by the IT network (41%) and the software used by the organisation (40%).
Despite this awareness, 92% of respondents feel their organisation doesn’t have everything it needs to address cybersecurity challenges, with 44% stating their need to implement a more robust security strategy.
This is followed by a need for additional expertise/skills within the organisation to address all aspects of cybersecurity (42%), and a need for more effective cybersecurity tools (37%).
These issues are being compounded by the finding that almost all manufacturers (91%) and IoT device users (96%) state that the cybersecurity of the IoT devices that they manufacture / use could be improved either to a ‘great extent’ or to ‘some extent’.
Financial costs
Failure to address these challenges could prove costly. The average financial impact as a result of IoT-focused cyberattacks in manufacturing is more than £224,500 (US$280,000), according to the survey.
As manufacturers fight to keep pace with cybersecurity challenges, they do have several security measures in place, but have often not implemented enough layers into their security strategy.
21% of organisations surveyed don’t currently have software protection technologies implemented and 39% don’t have mobile app protection implemented, despite identifying mobile devices and apps as the greatest source of vulnerabilities.
Furthermore, only 50% make security part of their product design lifecycle process.
Future plans
However, the majority of organisations that don’t already have these measures in place plan to implement them in the next year. In addition, 99% of manufacturers surveyed agree that a security solution should be an enabler of new business models, not just a cost.
That would suggest that attitudes towards IoT security are changing for the better.